[kaffe] CVS kaffe (robilad): Resynced with GNU Classpath: permission fixes
Kaffe CVS
cvs-commits at kaffe.org
Sat Feb 19 08:18:42 PST 2005
PatchSet 5566
Date: 2005/02/19 16:10:18
Author: robilad
Branch: HEAD
Tag: (none)
Log:
Resynced with GNU Classpath: permission fixes
2005-02-19 Dalibor Topic <robilad at kaffe.org>
Resynced with GNU Classpath.
2005-02-16 Andrew Haley <aph at redhat.com>
* javax/security/auth/Subject.java (doAsPrivileged): If acc is
null, create a new AccessControlContext.
* java/security/SecureClassLoader.java (protectionDomainCache):
new field.
(defineClass): Create a new protection domain and add it to our
cache.
* java/rmi/server/UnicastRemoteObject.java (exportObject): Call
addStub() to keep track of the stub we've exported.
(unexportObject): Call deleteStub().
* java/rmi/server/RemoteObject.java (stubs): New field.
(addStub): New method.
(deleteStub): New method.
(toStub): Rewrite.
* java/security/Permissions.java (PermissionsHash.implies):
Iterate over the collection and invoke implies() on each
element.
Members:
ChangeLog:1.3610->1.3611
libraries/javalib/java/rmi/server/RemoteObject.java:1.5->1.6
libraries/javalib/java/rmi/server/UnicastRemoteObject.java:1.5->1.6
libraries/javalib/java/security/Permissions.java:1.7->1.8
libraries/javalib/java/security/SecureClassLoader.java:1.7->1.8
libraries/javalib/javax/security/auth/Subject.java:1.2->1.3
Index: kaffe/ChangeLog
diff -u kaffe/ChangeLog:1.3610 kaffe/ChangeLog:1.3611
--- kaffe/ChangeLog:1.3610 Sat Feb 19 16:01:16 2005
+++ kaffe/ChangeLog Sat Feb 19 16:10:18 2005
@@ -2,6 +2,31 @@
Resynced with GNU Classpath.
+ 2005-02-16 Andrew Haley <aph at redhat.com>
+
+ * javax/security/auth/Subject.java (doAsPrivileged): If acc is
+ null, create a new AccessControlContext.
+ * java/security/SecureClassLoader.java (protectionDomainCache):
+ new field.
+ (defineClass): Create a new protection domain and add it to our
+ cache.
+
+ * java/rmi/server/UnicastRemoteObject.java (exportObject): Call
+ addStub() to keep track of the stub we've exported.
+ (unexportObject): Call deleteStub().
+ * java/rmi/server/RemoteObject.java (stubs): New field.
+ (addStub): New method.
+ (deleteStub): New method.
+ (toStub): Rewrite.
+
+ * java/security/Permissions.java (PermissionsHash.implies):
+ Iterate over the collection and invoke implies() on each
+ element.
+
+2005-02-19 Dalibor Topic <robilad at kaffe.org>
+
+ Resynced with GNU Classpath.
+
2005-02-16 Julian Scheid <julian at sektor37.de>
* gnu/java/nio/charset/UTF_8.java (decodeLoop): Set inPos to
Index: kaffe/libraries/javalib/java/rmi/server/RemoteObject.java
diff -u kaffe/libraries/javalib/java/rmi/server/RemoteObject.java:1.5 kaffe/libraries/javalib/java/rmi/server/RemoteObject.java:1.6
--- kaffe/libraries/javalib/java/rmi/server/RemoteObject.java:1.5 Tue Jan 18 15:44:38 2005
+++ kaffe/libraries/javalib/java/rmi/server/RemoteObject.java Sat Feb 19 16:10:21 2005
@@ -45,6 +45,7 @@
import java.rmi.NoSuchObjectException;
import java.rmi.Remote;
import java.rmi.UnmarshalException;
+import java.util.WeakHashMap;
public abstract class RemoteObject
implements Remote, Serializable {
@@ -53,6 +54,8 @@
protected transient RemoteRef ref;
+private static final WeakHashMap stubs = new WeakHashMap();
+
protected RemoteObject() {
this(null);
}
@@ -65,21 +68,24 @@
return (ref);
}
+synchronized static void addStub(Remote obj, Remote stub)
+{
+ stubs.put(obj, stub);
+}
+
+synchronized static void deleteStub(Remote obj)
+{
+ stubs.remove(obj);
+}
+
public static Remote toStub(Remote obj) throws NoSuchObjectException
{
- Class cls = obj.getClass();
- String classname = cls.getName();
- ClassLoader cl = cls.getClassLoader();
- try
- {
- Class scls = cl.loadClass(classname + "_Stub");
- // JDK 1.2 stubs
- Class[] stubprototype = new Class[] { RemoteRef.class };
- Constructor con = scls.getConstructor(stubprototype);
- return (Remote)(con.newInstance(new Object[]{obj}));
- }
- catch (Exception e) {}
- throw new NoSuchObjectException(obj.getClass().getName());
+ Remote stub = (Remote)stubs.get(obj);
+
+ if (stub == null)
+ throw new NoSuchObjectException(obj.getClass().getName());
+
+ return stub;
}
public int hashCode() {
Index: kaffe/libraries/javalib/java/rmi/server/UnicastRemoteObject.java
diff -u kaffe/libraries/javalib/java/rmi/server/UnicastRemoteObject.java:1.5 kaffe/libraries/javalib/java/rmi/server/UnicastRemoteObject.java:1.6
--- kaffe/libraries/javalib/java/rmi/server/UnicastRemoteObject.java:1.5 Sat Oct 23 18:03:42 2004
+++ kaffe/libraries/javalib/java/rmi/server/UnicastRemoteObject.java Sat Feb 19 16:10:21 2005
@@ -98,7 +98,9 @@
{
sref = new UnicastServerRef(new ObjID (), port, ssf);
}
- return (sref.exportObject (obj));
+ Remote stub = sref.exportObject (obj);
+ addStub(obj, stub);
+ return stub;
}
/**
@@ -116,12 +118,15 @@
{
if (obj instanceof RemoteObject)
{
+ deleteStub(obj);
UnicastServerRef sref = (UnicastServerRef)((RemoteObject)obj).getRef();
return sref.unexportObject(obj, force);
}
else
- //FIX ME
- ;
+ {
+ //FIX ME
+ ;
+ }
return true;
}
Index: kaffe/libraries/javalib/java/security/Permissions.java
diff -u kaffe/libraries/javalib/java/security/Permissions.java:1.7 kaffe/libraries/javalib/java/security/Permissions.java:1.8
--- kaffe/libraries/javalib/java/security/Permissions.java:1.7 Sat Feb 19 15:04:20 2005
+++ kaffe/libraries/javalib/java/security/Permissions.java Sat Feb 19 16:10:21 2005
@@ -227,9 +227,18 @@
* @param perm the permission to check
* @return true if it is implied
*/
+ // FIXME: Should this method be synchronized?
public boolean implies(Permission perm)
{
- return perms.get(perm) != null;
+ Enumeration elements = elements();
+
+ while (elements.hasMoreElements())
+ {
+ Permission p = (Permission)elements.nextElement();
+ if (p.implies(perm))
+ return true;
+ }
+ return false;
}
/**
Index: kaffe/libraries/javalib/java/security/SecureClassLoader.java
diff -u kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.7 kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.8
--- kaffe/libraries/javalib/java/security/SecureClassLoader.java:1.7 Thu Jun 3 22:26:00 2004
+++ kaffe/libraries/javalib/java/security/SecureClassLoader.java Sat Feb 19 16:10:21 2005
@@ -48,6 +48,8 @@
*/
public class SecureClassLoader extends ClassLoader
{
+ java.util.WeakHashMap protectionDomainCache = new java.util.WeakHashMap();
+
protected SecureClassLoader(ClassLoader parent)
{
super(parent);
@@ -80,11 +82,29 @@
protected final Class defineClass(String name, byte[] b, int off, int len,
CodeSource cs)
{
- // FIXME: Need to cache ProtectionDomains according to 1.3 docs.
if (cs != null)
{
- ProtectionDomain protectionDomain
- = new ProtectionDomain(cs, getPermissions(cs), this, null);
+ ProtectionDomain protectionDomain;
+
+ synchronized (protectionDomainCache)
+ {
+ protectionDomain = (ProtectionDomain)protectionDomainCache.get(cs);
+ }
+
+ if (protectionDomain == null)
+ {
+ protectionDomain
+ = new ProtectionDomain(cs, getPermissions(cs), this, null);
+ synchronized (protectionDomainCache)
+ {
+ ProtectionDomain domain
+ = (ProtectionDomain)protectionDomainCache.get(cs);
+ if (domain == null)
+ protectionDomainCache.put(cs, protectionDomain);
+ else
+ protectionDomain = domain;
+ }
+ }
return super.defineClass(name, b, off, len, protectionDomain);
}
else
Index: kaffe/libraries/javalib/javax/security/auth/Subject.java
diff -u kaffe/libraries/javalib/javax/security/auth/Subject.java:1.2 kaffe/libraries/javalib/javax/security/auth/Subject.java:1.3
--- kaffe/libraries/javalib/javax/security/auth/Subject.java:1.2 Sun Oct 24 17:20:13 2004
+++ kaffe/libraries/javalib/javax/security/auth/Subject.java Sat Feb 19 16:10:22 2005
@@ -235,7 +235,7 @@
*/
public static Object doAsPrivileged (final Subject subject,
final PrivilegedExceptionAction action,
- final AccessControlContext acc)
+ AccessControlContext acc)
throws PrivilegedActionException
{
final SecurityManager sm = System.getSecurityManager();
@@ -243,6 +243,8 @@
{
sm.checkPermission (new AuthPermission ("doAsPrivileged"));
}
+ if (acc == null)
+ acc = new AccessControlContext (new java.security.ProtectionDomain[0]);
AccessControlContext context =
new AccessControlContext (acc, new SubjectDomainCombiner (subject));
return AccessController.doPrivileged (action, context);
More information about the kaffe
mailing list